A.A custom application security policy can be configured in the Advanced Firewall Security Configuration dialog box.
B.An optional DMZ interface can be specified in the Advanced Firewall Interface Configuration dialog box.
C.Custom application policies for e-mail, instant messaging, HTTP, and peer-to-peer services can be created using the Intermediate Firewall wizard.
D.Only the outside (untrusted) interface is specified in the Basic Firewall Interface Configuration dialog box.
E.The outside interface that SDM can be launched from is configured in the Configuring Firewall for Remote Access dialog box.
F.The SDM provides a basic, intermediate, and advanced firewall wizard.
您可能感兴趣的试卷
你可能感兴趣的试题
A.VDSL
B.HDSL
C.ADSL
D.SDSL
Refer to the exhibit.
Which three statements describe the steps that are required to configure an IPsec site-to-site VPN using a GRE tunnel?()
A.The command access-list 110 permit gre must be configured to specify which traffic will be encrypted.
B.The command access-list 110 permit ip must be configured to specify which hosts can use the tunnel.
C.The tunnel destination 172.17.63.18 command must be configured on the Tunnel0 interface.
D.The tunnel mode gre command must be configured on the Tunnel0 interface.
E.The tunnel source Ethernet1 command must be configured on the Tunnel0 interface.
F.The tunnel source Tunnel0 command must be configured on the Tunnel0 interface.
A.AlarmSeverity
B.AlarmKeepalive
C.AlarmTraits
D.EventMedia
E.EventAlarm
F.EventAction
A.Cable modems only operate at Layer 1 of the OSI model.
B.Cable modems operate at Layers 1 and 2 of the OSI model.
C.Cable modems operate at Layers 1, 2, and 3 of the OSI model.
D.A function of the cable modem termination system (CMTS) is to convert the modulated signal from the cable modem into a digital signal.
E.A function of the cable modem termination system is to convert the digital data stream from the end user host into a modulated RF signal for transmission onto the cable system.
A.Dead Peer Detection (DPD)
B.CDP
C.isakmp keepalives
D.GRE keepalive mechanism
E.The hello mechanism of the routing protocol across the IPsec tunnel
Refer to the exhibit. Which statement is true about the partial MPLS configuration that is shown?()
A.The route-target both 100:2 command sets import and export route-targets for vrf2.
B.The route-target both 100:2 command changes a VPNv4 route to a IPv4 route.
C.The route-target import 100:1 command sets import route-targets routes specified by the route map.
D.The route-target import 100:1 command sets import route-targets for vrf2 that override the other route-target configuration.
Refer to the exhibit. Which statement is true about the configuration of split tunnels using SDM?()
A.Any protected subnets that are entered represent subnets at the end user’s site that will be accessed without going through the encrypted tunnel.
B.Any protected subnets that are entered represent subnets at the end user’s site that will be accessed through the encrypted tunnel.
C.Any protected subnets that are entered represent subnets at the VPN server site that will be accessed without going through the encrypted tunnel.
D.Any protected subnets that are entered represent subnets at the VPN server site that will be accessedthrough the encrypted tunnel.
A.All passwords entered during the AutoSecure configuration must be a minimum of 8 characters in length.
B.Cisco123 would be a valid password for both the enable password and the enable secret commands.
C.The auto secure command can be used to secure the router login as well as the NTP and SSH protocols.
D.For an interactive full session of AutoSecure, the auto secure login command should be used.
E.If the SSH server was configured, the 1024 bit RSA keys are generated after the auto secure commandis enabled.
Refer to the exhibit.
What does the "26" in the first two hop outputs indicate?()
A.the outer label used to determine the next hop
B.the IPv4 label for the destination network
C.the IPv4 label for the forwarding router
D.the IPv4 label for the destination router
A.If the VPN server is configured for Xauth, the VPN client waits for a username / password challenge.
B.The Cisco Easy VPN feature only supports transform sets that provide authentication and encryption.
C.The VPN client initiates aggressive mode (AM) if a pre-shared key is used for authentication during the IKE phase 1 process.
D.The VPN client verifies a server username/password challenge by using a AAA authentication server that supports TACACS+ or RADIUS.
E.The VPN server can only be enabled on Cisco PIX Firewalls and Cisco VPN 3000 series concentrators.
F.When connecting with a VPN client,the VPN server must be configured for ISAKMP group 1,2 or 5.
最新试题
Refer to the exhibit. Which order correctly identifies the steps to provision a cable modem to connect to a headend as defined by the DOCSIS standard?()
Which three statements are true when configuring Cisco IOS Firewall features using the SDM? ()
Which two statements are true about broadband cable (HFC) systems?()
Refer to the exhibit. Which statement is true about the configuration of split tunnels using SDM?()
What are two steps that must be taken when mitigating a worm attack?()
Which two statements about the Cisco AutoSecure feature are true?()
Which three statements about IOS Firewall configurations are true?()
Refer to the exhibit. The show mpls interfaces detail command has been used to display information about the interfaces on router R1 that have been configured for label switching. Which statement is true about the MPLS edge router R1?()
If an edge Label Switch Router (LSR) is properly configured,which three combinations are possible?()
Refer to the exhibit.Which three statements describe the steps that are required to configure an IPsec site-to-site VPN using a GRE tunnel?()